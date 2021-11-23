Typically, when hackers obtain encrypted passwords, recovering them in plain text is a process that can take days, months, or years, and they may never manage to decipher them at all. However, if the passwords are accessible in plain text, they can start to wreak havoc right away.

Among the passwords that were accessed, GoDaddy acknowledges that all the default admin passwords sent when an account is created were exposed. Thus, if you have not changed that default password, hackers now have it in their possession and can access your account. These passwords are normally sent in plain text by email, so they were not encrypted.

This was communicated by the company, which states that on November 17 it discovered that cybercriminals had been on its network since September 6, 2021, so they spent about 10 weeks inside. In that time, they got hold of the emails and customer numbers from 1.2 million WordPress pages, getting the emails and passwords from those databases. Additionally, they accessed all active users' SSL and TLS private keys.

Therefore, GoDaddy has reset all affected passwords and is in the process of replacing all the stolen web certificates with new ones. It is also contacting the 1.2 million affected users, although after two months on its network, the attackers may already have caused serious problems on websites managed with WordPress.

Thus, a hacker with access to the sFTP password can download all the content of a website, modify the existing content, and install malicious plugins. With this, even after the password is changed, they may have access to the new one. They can also post bogus content, links to malicious websites, or introduce mining scripts.

With access to the website's SSL/TLS private key and all of its content, an attacker can create a site identical to ours that not only claims to be the real site, but can also prove it by presenting the real site's certificate.

What to do to protect yourself

Therefore, it is important to carry out a number of protective measures. The first is to thoroughly review the WordPress website, including all the files in the plugins and themes directories. You also have to check all the accounts registered on the site, since there may be new users with administrator permissions.

After that, change passwords and enable two-step verification to prevent hackers from accessing the site again. Finally, be careful if someone contacts you by email offering “help” to clean up the WordPress site, as they may actually be the attackers, who have your contact information and may only need the password to get in.
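
One way to start the review described above, as an added example that is not part of the original article: it lists plugin and theme files modified since the September 6, 2021 intrusion date, and administrator accounts registered since then. The `wp-content` layout, the CSV column layout of the user export, and the sample user rows are assumptions made for illustration.

```python
import csv
import io
import os
from datetime import datetime, timezone

# Intrusion start date given in the article (September 6, 2021).
WINDOW_START = datetime(2021, 9, 6, tzinfo=timezone.utc)

def changed_files(wp_root, since=WINDOW_START):
    """Return plugin/theme files whose mtime is on or after `since`.

    mtime can be reset by whoever wrote the file, so an empty result does
    not prove the site is clean; hits are a starting list for manual review.
    """
    hits = []
    for sub in ("plugins", "themes"):
        base = os.path.join(wp_root, "wp-content", sub)
        for dirpath, _dirs, files in os.walk(base):
            for name in files:
                path = os.path.join(dirpath, name)
                mtime = datetime.fromtimestamp(os.lstat(path).st_mtime, timezone.utc)
                if mtime >= since:
                    hits.append((os.path.relpath(path, wp_root), mtime))
    return sorted(hits)

def new_admins(users_csv, since=WINDOW_START):
    """Return logins of administrators registered on or after `since`.

    Assumed export layout: columns user_login, user_registered, roles,
    with user_registered as 'YYYY-MM-DD HH:MM:SS' in UTC.
    """
    found = []
    for row in csv.DictReader(io.StringIO(users_csv)):
        registered = datetime.strptime(row["user_registered"], "%Y-%m-%d %H:%M:%S")
        registered = registered.replace(tzinfo=timezone.utc)
        if "administrator" in row["roles"].split(",") and registered >= since:
            found.append(row["user_login"])
    return found

# Constructed sample export for illustration, not real data.
SAMPLE_USERS = """user_login,user_registered,roles
owner,2019-03-14 09:21:00,administrator
editor1,2021-10-01 08:00:00,editor
wp_support,2021-10-19 02:47:13,administrator
"""

if __name__ == "__main__":
    print(new_admins(SAMPLE_USERS))
    for path, when in changed_files("."):
        print(when.isoformat(), path)
```

Files that predate the window can still have been tampered with if their timestamps were reset, so comparing plugin and theme files against fresh copies from their official source remains part of the review.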